Russia was the single largest source of attacks followed by Bulgaria, Monaco and Panama

Computers specially configured to make cyber criminals think they were small businesses operating in London were attacked by hackers over 2,000 times every minute this January. 

The computers –– called honeypots in the cyber security industry – were operated by cyber insurer Coalition as part of an exercise to assess the volume of cyber attacks directed against the UK’s capital.

The data is being supplied by Coalition to the Cyber Resilience Centre for London, a police-led, not-for-profit organisation working in partnership with the Mayor of London’s Office for Policing and Crime.

Data from the honeypots showed that over the course of 28 days in January, the devices were attacked 91 million times by over 101,000 different hackers.

Russia source of most attacks

Russia was the single largest source of attacks followed by Bulgaria, Monaco and Panama. However, Coalition’s experts pointed out that many cyber criminals hide their location by mounting attacks using virtual private networks (VPNs) routed through other countries.

Of the 91 million attacks recorded, 77 million were attempts to hack into remote desktop connections used by employees working out of office.

Dr Simon Bell, Coalition’s UK security researcher, said: “These results show just how much home working has widened businesses’ attack surface – the number of internet connections and vulnerabilities that hackers can exploit. 85% of attacks we saw were attempts to gain unauthorised access to these remote connections.

“We use honeypots to learn about threat actors and their methods. It’s a little like using decoy car to attract car thieves.

“Once the attack happens, we can see what vulnerabilities the cyber criminal is looking for and how they try to exploit them. In this exercise, our honeypots were given IP addresses that identified as physical data centres in London.”

Real-time insights

Simon Newman, CEO of the Cyber Resilience Centre for London, said: “The data supplied by Coalition is incredibly valuable to us as we get real-time insights into the threat landscape of the City, and the latest trends and techniques being deployed by cyber criminals.

“This allows us to tailor up-to-date guidance for our membership base of SMEs, which make up 99.8% of businesses across the capital. It also helps to illustrate the scale of the threat facing the business community, which in turn supports access to funding and partnerships that allows us to continue our important work.”

Honeypots are computers or devices with vulnerabilities designed to attract cyber attacks so attack methods and routes can be analysed. Coalition runs a global network honeypots.

In addition, the firm’s automated scanning and monitoring system scans the internet in real time identifying vulnerabilities that hackers can exploit.

Topics